We just raised a $30M Series A: Read our story
2021-07-28T09:41:00Z

What is the difference between IDR and EDR?

87

What is the difference between Incident Detection Response (IDR) e.g. in Rapid7 InsightIDR and Endpoint Detection and Response (EDR) in other solutions?

Thanks.

ITCS user
Guest
12 Answers

author avatar
Top 5LeaderboardConsultant

Hi @Navin Rehnius,


The IDR focus is on the correlation of the host system vulnerability with the exploit activity. In a way, it will classify if an exploit or attack event is most potentially an incident. 


However, IDR works by scanning the whole segment of the target hosts while EDR is running continuously at the endpoint level.


With the correct implementation of EDR, you could actually correlate EDR events with vulnerability assessment information and achieve the same objectives of IDR. 

2021-08-02T03:17:33Z
author avatarNavin Rehnius
Top 5Real User

@John Rendy Thank you for your answer.

Find out what your peers are saying about Rapid7, FireEye and others in Security Incident Response. Updated: November 2021.
552,305 professionals have used our research since 2012.